Brief Summary

Many XML applications are invoked by passing them parameters using HTTP GET queries.
These are sometimes known as "REST-style" Web Services (REST = Representational State Transfer). These Web Services can be attacked by passing malicious content on the HTTP GET string (e.g., extra long parameters (2048 chars), SQL statements/injection, or OS injection parameters).

Description of the Issue

Given that REST Web services are in effect HTTP-In -> WS-Out, the attack patterns are very similar to the regular HTTP attack vectors discussed throughout the guide. For example, in the following HTTP request with query string "/?viewDetail=detail-10293", the HTTP GET parameter is "detail-10293".
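The following is an added example (not part of the original guide) of the server-side check that blocks the three abuse classes the summary names: oversized values, SQL-style input and OS-style input in a REST GET parameter. The parameter name viewDetail and the value format "detail-<digits>" come from the request above; the length cap, the allow-list pattern and the sample requests are assumptions constructed for the example.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Hypothetical policy: every accepted GET parameter has an allow-list pattern,
# and no raw value may exceed a conservative length cap. Anything else is rejected
# before it reaches the back-end Web service (HTTP-In -> WS-Out).
MAX_PARAM_LEN = 256
PARAM_RULES = {
    "viewDetail": re.compile(r"detail-[0-9]{1,10}"),
}


def check_query(request_target):
    """Validate the query string of a request target such as "/?viewDetail=detail-10293".

    Returns (ok, reason). Values are percent-decoded by parse_qsl before checking,
    so encoded quotes, spaces or semicolons are judged on their decoded form.
    """
    params = parse_qsl(urlsplit(request_target).query, keep_blank_values=True)
    for name, value in params:
        if name not in PARAM_RULES:
            return False, f"unexpected parameter {name!r}"
        if len(value) > MAX_PARAM_LEN:
            return False, f"{name} too long ({len(value)} chars)"
        if not PARAM_RULES[name].fullmatch(value):
            return False, f"{name} failed allow-list pattern"
    return True, "ok"


def audit(request_targets):
    """Apply check_query to each request target; returns a list of (target, ok, reason)."""
    return [(t, *check_query(t)) for t in request_targets]


# Constructed sample requests: the legitimate one from the text, an oversized
# value, a quote-bearing (SQL-style) value and a semicolon-bearing (OS-style) value.
SAMPLES = [
    "/?viewDetail=detail-10293",
    "/?viewDetail=" + "A" * 2048,
    "/?viewDetail=detail-10293'%20OR%201%3D1",
    "/?viewDetail=detail-10293%3Bid",
]

if __name__ == "__main__":
    for target, ok, reason in audit(SAMPLES):
        print("ACCEPT" if ok else "REJECT", target[:60], reason)
```

Only the first sample is accepted; the other three are rejected by the length cap or the allow-list pattern, so the decision never depends on recognising a particular injection string.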

Black Box Testing and example

Say we had a Web Service which accepts the following HTTP GET query string: